<?php
	// -----------   Page Vars    ----------
	$to_root = '';
	$authorized = array(0, 1);

	$menu_selected = 4;
	
	//  ---- init
	include($to_root.'_classes/init.php');
	
	$main = new ViewDescriptor('main');
	Template::addBreadcrumb('home.php', 'Home');
	
	/* ========   INSERT CODE HERE   ======== */
	//=====================================================================================        POST
	if(isset($_POST['action']) && $_POST['action']=='edit' &&
			isset($_POST['id']) &&
			isset($_POST['fN']) &&
			isset($_POST['lN']) &&
			isset($_POST['email'])){
				
		$opwd = (isset($_POST['opwd'])) ? $_POST['opwd']: '';
		$npwd = (isset($_POST['npwd'])) ? $_POST['npwd']: '';

		$newid = $GLOBALS['Db-I']->editUser($_POST['id'], $_POST['fN'], $_POST['lN'], $_POST['email'], $opwd, $npwd);
		if(!is_array($newid)){
			header('Location: profile.php?msg=insert_success');
		} else {
			if(isset($newid['Error']) && $newid['Error'] == ERROR_NOT_ALLOWED){
				header('Location: profile.php?msg=not_authorized');
			} else {
				header('Location: profile.php?msg=update_error');
			}
		}
	} else if(isset($_POST['action']) && $_POST['action']=='new' &&
			isset($_POST['nick']) &&
			isset($_POST['fN']) &&
			isset($_POST['lN']) &&
			isset($_POST['email']) &&
			isset($_POST['pwd'])){
				
		$_SESSION['form_backup'] = array('nick'=>$_POST['nick'], 'fN'=>$_POST['fN'], 'lN'=>$_POST['lN'],'email'=>$_POST['email']);
				
		$newid = $GLOBALS['Db-I']->newUser($_POST['nick'], $_POST['fN'], $_POST['lN'], $_POST['email'], $_POST['pwd']);
		if(!is_array($newid)){
			unset($_SESSION['form_backup']);
			header('Location: profile.php?id='.$newid.'&msg=insert_success');
		} else {
			if(isset($newid['Error']) && $newid['Error'] == ERROR_NOT_ALLOWED){
				header('Location: profile.php?msg=not_authorized');
			} else if(isset($newid['Error']) && $newid['Error'] == ERROR_USER_NAME_ALREADY_IN_USE) {
				header('Location: profile.php?action=new&msg=nick_used');
			} else {
				header('Location: profile.php?action=new&msg=update_error');
			}
		}	
	} else if(isset($_GET['action']) && $_GET['action']=='delete' && isset($_GET['id'])){
		$newid = $GLOBALS['Db-I']->deleteUser($_GET['id']);
		if(!is_array($newid)){
			header('Location: profile.php?msg=delete_success');
		} else {
			if(isset($newid['Error']) && $newid['Error'] == ERROR_NOT_ALLOWED){
				header('Location: profile.php?msg=not_authorized');
			} else {
				header('Location: profile.php?msg=delete_error');
			}
		}	
	}
	//=====================================================================================       View
	if(isset($_GET['id']) && $_GET['id']!= '' && !isset($_GET['action'])){  								// ----------------------------------- view User
		$id = $_GET['id'];
				
		$content = new ViewDescriptor('content/profile_view');
		$user = $GLOBALS['Db-I']->getUserById(($_GET['id']));
		if(!is_array($user)) {
			$content->addValue('id', $user->getId());
			$content->addValue('name', $user->getName());
			$content->addValue('nick', $user->getNick());
			$content->addValue('email', ($user->getEMail() =='')? '&nbsp;' : $user->getEMail());
			$content->addValue('status', ($user->getStatus()==UserDescription::STATUS_ONLINE) ? 'online' : 'blocked');
			$content->addValue('status_text', ($user->getStatus()==UserDescription::STATUS_ONLINE) ? 'Online' : 'Geblocked');
			if($_SESSION['User']['id'] == $user->getId() || $_SESSION['User']['group'] == 'admin'){
				$a = new SubViewDescriptor('authorized');
				$a->addValue('id', $user->getId());
				if($_SESSION['User']['group'] == 'admin'){
					$ad = new SubViewDescriptor('admin');
					$a->addSubView($ad);
					unset($ad);
				} else $a->removeSubView('admin');
				$content->addSubView($a);
				unset($a);
			} else $content->removeSubView('authorized');
			
			$projects = $user->getProjects();
			if($projects != array()) {
				foreach($projects as $project){
					$p = new SubViewDescriptor('projects');
					
					$p->addValue('id', $project->getId());
					$p->addValue('title', $project->getTitle());
					
					$content->addSubView($p);
					unset($p);
				}
			} else $content->removeSubView('projects');
			
			$msgs = $GLOBALS['Db-I']->getMessagesForUser($user->getId(), 0, PROFILE_NEW_MESSAGES_COUNT);
			if($msgs != array() && !isset($msgs['Error'])){
				foreach($msgs as $msg){
					$m = new SubViewDescriptor('messages');
					$m->addValue('id', $msg->getId());
					$m->addValue('uId', $user->getId());
					$m->addValue('title', $msg->getTitle());
					$m->addValue('date', $msg->getDate());
					$m->addValue('u_id', $msg->getAuthor()->getId());
					$m->addValue('u_name', $msg->getAuthor()->getName());
					$m->addValue('text', $msg->getText());
					$m->addValue('reply_count', $msg->getReplyCount());
					
					$content->addSubView($m);
					unset($m);
				}
				$content->removeSubView('no_msgs');
			} else {
				$content->removeSubView('messages');
				$nm = new SubViewDescriptor('no_msgs');
				$content->addSubView($nm);
			}
			
			Template::addBreadcrumb('profile.php?id='.$user->getId(), $user->getNick().'s Profil');
		} else header('Location: profile.php?msg=not_found');
	} else if(isset($_GET['action']) && $_GET['action']=='new'){											// ----------------------------------- new User		
		$content = new ViewDescriptor('content/profile_new');
		if(isset($_SESSION['form_backup'])){
			$content->addValue('nick', $_SESSION['form_backup']['nick']);
			$content->addValue('fN', $_SESSION['form_backup']['fN']);
			$content->addValue('lN', $_SESSION['form_backup']['lN']);
			$content->addValue('email', $_SESSION['form_backup']['email']);
		}
		Template::addBreadcrumb('profile.php?action=new', 'Neues Profil');
	} else if(isset($_GET['action']) && $_GET['action']=='edit' && isset($_GET['id'])){						// ----------------------------------- edit User
		$id = $_GET['id'];
		echo $id.'-'. $_SESSION['User']['id'];
		if((($_SESSION['User']['group'] != 'admin') && $_SESSION['User']['id'] != $id)) header('Location: profile.php?id='.$_SESSION['User']['id'].'&msg=not_authorized');
		if($id=='') header('Location: profile.php?id='.$_SESSION['User']['id']);
		
		$content = new ViewDescriptor('content/profile_edit');
		$user = $GLOBALS['Db-I']->getUserById(($id));

		$content->addValue('id', $user->getId());
		$content->addValue('vname', $user->getFirstName());
		$content->addValue('nname', $user->getLastName());
		$content->addValue('nick', $user->getNick());
		$content->addValue('email', ($user->getEMail() =='')? '&nbsp;' : $user->getEMail());
		
		$content->addValue('status_online', ($user->getStatus()==UserDescription::STATUS_ONLINE) ? 'selected="selected"': '');
		$content->addValue('status_blocked', ($user->getStatus()==UserDescription::STATUS_BLOCKED) ? 'selected="selected"': '');
		
		Template::addBreadcrumb('profile.php?id='.$user->getId().'&amp;action=edit', 'Profil bearbeiten');
	} else {																					// ----------------------------------- admin view all Users else view own User											
		if($_SESSION['User']['group'] == 'admin') {
			$users = $GLOBALS['Db-I']->getUsers();
			$content = new ViewDescriptor('content/profile');
			if( $_SESSION['User']['group'] == 'admin'){
				$a = new SubViewDescriptor('authorized');
				$content->addSubView($a);
				unset($a);
			} else $content->removeSubView('authorized');
			if(!isset($users['Error'])){
				foreach($users as $user){
					$u = new SubViewDescriptor('users');
					
					$u->addValue('id', $user->getId());
					$u->addValue('nick', $user->getNick());
					$u->addValue('name', $user->getName());
					$u->addValue('email', ($user->getEMail() =='')? 'unbekannt' : $user->getEMail());
					$u->addValue('status', ($user->getStatus()==UserDescription::STATUS_ONLINE) ? 'online' : 'blocked');
					$u->addValue('status_text', ($user->getStatus()==UserDescription::STATUS_ONLINE) ? 'Online' : 'Geblocked');
					
					$content->addSubView($u);
					
					unset($u);
				}
			} else $content->removeSubView('users');
		} else header('Location: profile.php?id='.$_SESSION['User']['id']);
	}
	
	/* ========   NORMAL STUFF   ========= */
	// Messages
	if(isset($_GET['msg']) && isset($errors) && is_array($errors) && isset($error_class) && is_array($error_class)){
    	$get_msg = explode('|', $_GET['msg']);
    	foreach($get_msg as $error){
    		if(isset($errors[$error]) && isset($error[$GLOBALS['Localization']['language']])){
    			$GLOBALS['Messages'][] = '<span class="msg_'.$error_class[$error].'">'.$errors[$error].'</span>';
    		}
    	}
    }
    // render Main Template
	Template::generateMenu($main, $menu_selected);
	Template::renderBreadCrumb($main);
	$main->addValue('messages', implode("\n", $GLOBALS['Messages']));
	$main->addValue('content', $content->render());
	$main->addValue('script', '<script type="text/javascript" src="'.$GLOBALS['tpl']['root'].'_template/todolist/'.$GLOBALS['Localization']['language'].'/js/profile.js"></script>');
	$main->addValue('style', '<link rel="stylesheet" href="'.$GLOBALS['tpl']['root'].'_template/todolist/'.$GLOBALS['Localization']['language'].'/css/profile.css" type="text/css"  media="screen"/>');
	
	echo $main->render(); 
?>